Software package manager CVE API

[windmillcode0]

Greetings I am making a vscode extension libtracker where you can get a birds eye view of the CVE, license and dependency info about your app https://marketplace.visualstudio.com/items?itemName=windmillcode-publisher-0.lib-tracker. Is there a way to get CVE information about software packages from as many software package managers as possible from your tool? or is there a guide to where I can obtain this information from other package managers?. I know that dependabot does this for you is there a way I can make api calls to dependabot to obtain this information? or a similar resource